SmallNetBuilder Forums

#11
02-05-2013, 08:38 PM
stevech

Your sensitive data on TrueCrypt volumes... If you're like me, those volumes are not open/mounted except when I'm doing work with the files. So the thief gets nada.

#12
02-05-2013, 11:36 PM
vnangia

Quote:
Originally Posted by stevech
Your sensitive data on TrueCrypt volumes... If you're like me, those volumes are not open/mounted except when I'm doing work with the files. So the thief gets nada.

Fair point... but I think there are multiple categories of data - confidential, private, who-cares; I mean, even the family photos could go on to a TrueCrypt volume, but it would be at ridiculous computational cost. Seems to me that a better strategy would be to make it more difficult to break in, no?

And none of that still addresses my stupidity - for example, accidentally triggering the installation of the Flashback Trojan on my Mac, because I need to have Java installed for certain work applications.

To wit, I've already taken your excellent suggestion on rechecking the ports both inbound and out on the router and I'm putting together a network map to figure out how machines need to and do not need to talk to each other with the view of splitting up the network with VLANs, as recommended by STX and Tim in the discussion above. I'm still not sure whether that addresses my concerns about accidentally bringing a plague of locusts, but we are basically following all of the steps recommended by Krebs here, with the exception of NoScript which makes life nigh impossible on the modern web - try selecting the charts on SNB, for instance.
__________________

---
"Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning." -Richard Cook

#13
02-06-2013, 01:13 AM
stevech

Viruses, spyware, accidental deletion...
I store data on the NAS, not the PCs.
I image the PC disks every week or so, to the NAS.

The one time I got a bad virus/malware I couldn't eliminate, I just rolled in the last image or partition backup. I now have these two backups automated on PCs, using Acronis (I've tried most all, and such as it is, Acronis is the best, IMO).

My main PC - has an SSD boot disk (120GB) and a 160GB mechanical disk. Again, I store no data on these, only the OS and programs.
I use Acronis to clone the 120GB to the 160GB quite often. I don't use the 160GB. Worst happens, I just clone the 160 back to the 120. This has saved my rear more than once. Cloning is better than partition imaging, by far, at the cost of a dedicated drive.

Last edited by stevech; 02-06-2013 at 01:17 AM.

#14
02-26-2013, 02:20 PM
rquared

Quote:
Originally Posted by vnangia
I suppose the more relevant question is, does it make sense to invest in a SOHO/SMB-class UTM appliance to replace my consumer router - is that the right tool to prevent myself from accidental stupidity and a potential light attack from the kinds of people who hacked Honan last year? (By which I mean script kiddies with preassembled tools rather than a nation-state with an army, more than the precise nature of the attack.) I suppose I'm aiming more for deterrence rather than anything else.

Sophos has a free UTM for home use that is awesome. Astaro UTM Home User version has everything (well, almost) that corp America has and is fairly straightforward. Untangle also has a product I've used for over a year, but just recently switched to Astaro due to the completeness of the offering. I can't recommend it enough for doing exactly what you're talking about! You will need a system with two NICs, but they are cheap. Personally I use an Atom Supermicro server with ESXi installed and Astaro as a VM. Works flawlessly!

Wanna dig deeper and get real geeky, check out Security Onion.

Hope that helps.

#15
04-13-2014, 09:44 AM
vnangia

Forgive me for resurrecting an old thread, but I'd have to post what would be a pretty much identical thread name.

I'm in the market for a new (wired) router, as it turns out my existing E4200 is vulnerable to (and because of some unusual internet behaviour perhaps WAS breached by) the infamous Linksys TheMoon malware. As a stopgap, I'm moving to DD-WRT but I'd really appreciate any advice now on a replacement router / UTM device.

My requirements are relatively modest - we have about 45-50 networked devices, including full-fledged computers and servers, phones, tablets and networked gadgets (examples would be IP cameras, the Nest thermostat, Fitbit Aria). Our primary internet connection is through Verizon's 75/35 FiOS service but I'd also like to have a second WAN port, as we have a backup network connection for when the FiOS headend goes down as it is wont to in the summer. I'd also like to have the capability to segregate devices using VLANs and ideally retire the RasPi that's been acting as a VPN endpoint for when I'm on the road. I've been looking at the following devices, as a consequence, with some of my thoughts:

- Linksys RV042G (unsure about performance, brand name ownership worries)
- Mikrotik Routerboard RB2011UiAS-IN (unbelievable price/performance ratio, impossible to buy in the US)
- Ubiquiti EdgeRouter PoE (difficult to set up, hard to buy in the US)
- Zyxel Zywall USG20 (dislike paying for an ongoing subscription)

I'm leaning towards the Mikrotik if I can ever find it for sale, but I'd like to wrap up and buy something in the next couple of days. Any advice appreciated.